{"ID":2825234,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2512.21663","arxiv_id":"2512.21663","title":"Verifiable Passkey: The Decentralized Authentication Standard","abstract":"Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys, is one of the most-widely adopted standards of passwordless authentication that promises phishing-resistance. However, like any other authentication system, passkeys require the user details to be saved on a centralized server, also known as Relying Party (RP) Server. This has led users to create a new passkey for every new online account. While this just works for a limited number of online accounts, the limited storage space of secure storage modules like TPM or a physical security key limits the number of passkeys a user can have. For example, Yubico Yubikey 5 (firmware 5.0 - 5.6) offers to store only 25 passkeys, while firmware 5.7+ allows to store upto 100 [1]. To overcome this problem, one of the widely adopted approaches is to use Federated Authentication with Single Sign On (SSO). This allows the user to create a passkey for the Identity Provider (IdP) and use the IdP to authenticate to all service providers. This proves to be a significant privacy risk since the IdP can potentially track users across different services. To overcome these limitations, this paper introduces a novel standard 'Verifiable Passkey' that allows the user to use Passkeys created for a Verifiable Credential issuer across any platform without risking privacy or user tracking.","short_abstract":"Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys, is one of the most-widely adopted standards of passwordless authentication that promises phishing-resistance. However, like any other authentication system, passkeys require the user details to b...","url_abs":"https://arxiv.org/abs/2512.21663","url_pdf":"https://arxiv.org/pdf/2512.21663v1","authors":"[\"Aditya Mitra\",\"Sibi Chakkaravarthy Sethuraman\"]","published":"2025-12-25T13:06:52Z","proceeding":"cs.CR","tasks":"[\"cs.CR\",\"cs.ET\"]","methods":"[]","has_code":false}